Analysis and Experiences with Information Flow Tracking as a Practical Means to Prevent Data Leakage

Lisa L Fowler

Data leakage is a primary concern for companies and governmental agencies, for which information flow is means for mitigation. A popular technique used for evaluating pre-existing binaries is "taint tracking," but such approaches in real-life application were impractical due to excessive performance costs and numerous false positives due to taint explosion. The novel techniques used by our system PIFT directly eliminated these concerns, but revealed new deeper and more troubling concerns. In using PIFT successfully for information flow tracking on a commodity GUI-based operating system, and upon further inspection, we discovered that the applications and operating systems that we use in day-to-day practice are imperfect components that violate the basic tenets of information flow. In this thesis, we explore information flow tracking as a whole, elaborate on these troubling discoveries, and argue that no matter the performance improvements or adjustments made to correct the metadata for information flow tracking, it will be impossible to provide useful data for the prevention of data leakage without addressing and resolving common practices prevalent across legacy software.

Advisor: Scott Shenker

BibTeX citation:

@mastersthesis{Fowler:EECS-2011-126,
Author = {Fowler, Lisa L},
Title = {Analysis and Experiences with Information Flow Tracking as a Practical Means to Prevent Data Leakage},
School = {EECS Department, University of California, Berkeley},
Year = {2011},
Month = {Dec},
URL = {http://www.eecs.berkeley.edu/Pubs/TechRpts/2011/EECS-2011-126.html},
Number = {UCB/EECS-2011-126},
Abstract = {Data leakage is a primary concern for companies and governmental agencies, for which information flow is means for mitigation. A popular technique used for evaluating pre-existing binaries is "taint tracking," but such approaches in real-life application were impractical due to excessive performance costs and numerous false positives due to taint explosion. The novel techniques used by our system PIFT directly eliminated these concerns, but revealed new deeper and more troubling concerns. In using PIFT successfully for information flow tracking on a commodity GUI-based operating system, and upon further inspection, we discovered that the applications and operating systems that we use in day-to-day practice are imperfect components that violate the basic tenets of information flow. In this thesis, we explore information flow tracking as a whole, elaborate on these troubling discoveries, and argue that no matter the performance improvements or adjustments made to correct the metadata for information flow tracking, it will be impossible to provide useful data for the prevention of data leakage without addressing and resolving common practices prevalent across legacy software.}
}